Design and Implementation of a Terrorist Fraud Resilient Distance Bounding System
Authors
Abstract
Given the requirements of fast processing and the complexity of RF ranging systems, distance bounding protocols have been challenging to implement so far; only a few designs have been proposed and implemented. Currently, the most efficient implementation of distance bounding protocols uses analog processing and enables the prover to receive a message, process it and transmit the reply within 1 ns, two orders of magnitude faster than the most efficient digital implementation. However, even though implementing distance bounding using analog processing clearly provides tighter security guarantees than digital implementations, existing analog implementations do not support resilience against Terrorist Fraud attacks; they protect only against Distance Fraud and Mafia Fraud attacks. We address this problem and propose a new, hybrid digital-analog design that enables the implementation of Terrorist Fraud resilient distance bounding protocols. We introduce a novel attack, which we refer to as the “double read-out” attack, and show that our proposed system is also secure against this attack. Our system consists of a prototype prover that provides strong security guarantees: if a dishonest prover performs the Terrorist Fraud attack, it can cheat on its distance bound to the verifier only up to 4.5 m, and if it performs Distance Fraud or Mafia Fraud attacks, up to 0.41 m. Finally, we show that our system can be used to implement existing (Terrorist Fraud resilient) distance bounding protocols (e.g., the Swiss Knife and Hancke-Kuhn protocol) without requiring protocol modifications.
Similar resources
Distance Hijacking Attacks on Distance Bounding Protocols – Abstract
Using a distance bounding protocol, a device (the verifier) can securely obtain an upper bound on its distance to another device (the prover) [1]. A number of distance bounding protocols were proposed in recent years, which provide different performance and security guarantees. So far, several distance-bounding protocols were implemented, some using digital processing and short symbols, whereas...
Terrorism in Distance Bounding: Modeling Terrorist-Fraud Resistance
In distance-bounding protocols, verifiers use a clock to measure the time elapsed in challenge-response rounds, thus upper-bounding their distance to the prover. This should prevent man-in-the-middle (MITM) relay attacks. Distance-bounding protocols may aim to prevent several attacks, amongst which terrorist fraud, where a dishonest prover helps the adversary to authenticate, but without passin...
Vssdb: A Verifiable Secret-Sharing Distance-Bounding Protocol
Terrorist fraud is a class of relay attacks against distance-bounding (DB) protocols in which a distant malicious prover colludes with an attacker located in a verifier’s proximity when authenticating. Existing DB protocols resisting such attacks are designed to be lightweight and thus symmetric, relying on a secret shared by the prover and the verifier. Recently, several asymmetric distance-bou...
Distance-Bounding Proof of Knowledge Protocols to Avoid Terrorist Fraud Attacks
Real-time frauds can be applied against numerous zero-knowledge or minimal disclosure identification schemes that protect physical services, be it opening a door or verifying attributes of a certified device. In [4], Brands and Chaum proposed distance-bounding protocols to forbid mafia fraud attacks and left the terrorist fraud attack as an open issue. In this paper, we describe an extension of ...
Practical and Provably Secure Distance-Bounding
From contactless payments to remote car unlocking, many applications are vulnerable to relay attacks. Distance bounding protocols are the main practical countermeasure against these attacks. In this paper, we present a formal analysis of SKI, which recently emerged as the first family of lightweight and provably secure distance bounding protocols. More precisely, we explicate a general formalis...